ea9c13ba99fc71300e5401d4de4b6e18aa0c1b055be61ff09777db162b2a8515

Analysis

max time kernel
119s
max time network
133s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 14:56

Target

773d10fe463307312857892e74688d67.exe
Size

539KB
MD5

773d10fe463307312857892e74688d67
SHA1

27a098ce12ba51707ee77fad3ee5a4a8f5f78023
SHA256

ea9c13ba99fc71300e5401d4de4b6e18aa0c1b055be61ff09777db162b2a8515
SHA512

3f12e92ffc84070b7ed0f6471fdfcc492b79f37dc82311630766b9610668e8a7d6a78999dd5cc20094284f09dba8ebb46fc3b9136c718e0b8d2f8db76ef3aefd
SSDEEP

12288:e3CFMRQJu/fCTDvOgZ7Q4rLCkoB9xE+lr9oBBxlZzaPBnmX/sA:e3wFuJgtQ4rLC5BJlG7xvzm9mPp

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2236 set thread context of 2244	2236	773d10fe463307312857892e74688d67.exe	28

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2244	773d10fe463307312857892e74688d67.exe

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28
PID 2236 wrote to memory of 2244	2236	773d10fe463307312857892e74688d67.exe	28

C:\Users\Admin\AppData\Local\Temp\773d10fe463307312857892e74688d67.exe
"C:\Users\Admin\AppData\Local\Temp\773d10fe463307312857892e74688d67.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Users\Admin\AppData\Local\Temp\773d10fe463307312857892e74688d67.exe
  "C:\Users\Admin\AppData\Local\Temp\773d10fe463307312857892e74688d67.exe"
  2⤵
  - Suspicious use of UnmapMainImage
  PID:2244

memory/2236-11-0x0000000000010000-0x000000000009D000-memory.dmp

Filesize
564KB

Download
memory/2244-0-0x0000000001000000-0x0000000001084000-memory.dmp

Filesize
528KB

Download
memory/2244-1-0x0000000001000000-0x0000000001084000-memory.dmp

Filesize
528KB

Download
memory/2244-2-0x0000000001000000-0x0000000001084000-memory.dmp

Filesize
528KB

Download
memory/2244-4-0x0000000001000000-0x0000000001084000-memory.dmp

Filesize
528KB

Download
memory/2244-7-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2244-6-0x0000000001000000-0x0000000001084000-memory.dmp

Filesize
528KB

Download